From: Jim Choate <ravage@einstein.ssz.com>
To: <9fans@cse.psu.edu>
Cc: <hangar18-general@open-forge.org>
Subject: Re: [9fans] 'wall' messages
Date: Tue, 7 Oct 2003 08:40:36 -0500 [thread overview]
Message-ID: <Pine.LNX.4.33.0310070825330.3289-100000@einstein.ssz.com> (raw)
In-Reply-To: <20031007124103.J4625@cackle.proxima.alt.za>
On Tue, 7 Oct 2003, Lucio De Re wrote:
> On the other hand, a reply that explains that the namespace is
> sacred and inviolate, otherwise users cannot trust the operating
> system,
Users can't trust the OS, they can only trust the group running it, or
not. A fundamental and basic security flaw that has let more than one
hacker into a system. And will continue to do so until people get burned
enough to realize that 'trust' -only- applies to people, never things. And
even then it's mercurial (eg anybody ever had a girlfriend cheat on
them?).
This is one advantage, security through obscurity, where closed source
OS'es -are- more secure than Open Source. And yes, it is a thin edge, but
a edge never the less. The owners of the vast majority of boxes can't
de-compile the binaries and then modify them for what is effectively a
MITM attack. Open Source OS'es don't have this, in fact it's a common
suggestion that people should in fact work on their own boxes (and many
do).
> that security in Plan 9 hinges on the absence of superior
> privilege (root user) which prevents malicious users from being
> able to hijack the CPU server, that "eve" and not "bootes" is
And bootes is absolutely prevented from aliasing as eve, ever? Even if
they're running on the same box at the same time? I think somebody is more
interested in cannon than reality.
Does bootes -ever- have a process that is running the cpu in supervisor
mode? A single NOP that can be replaced with a jump or branch? If bootes
(or eve for that matter) ever run the cpu in supervisor mode then they can
take control of the VMM on that machine and snapshot everything a user
does or has. So, unless you've got some sort of secure vault to run
in (eg WOM on DSS smart cards) your security with respect to the hardware
and basic OS are really a mirage.
> allowed to provide a trampoline for a user to access a file server,
> all these things make better archive material than tirades about
> lack of understanding.
And that's not written down clearly anywhere. One of the perennial
complaints I hear is that the documentation of Plan 9 sucks. And yes,
Hangar 18 is doing something about that.
I've read -every- damn P9 document that's out there on the site, they
suck. They're out of date, they're written in the wrong tone, etc., etc.,
etc.
-- --
God exists because mathematics is consistent, and the Devil exist because we
can't prove it.
Andre Weil, in H. Eves, Mathematical Circles Adieu
ravage@ssz.com jchoate@open-forge.com
www.ssz.com www.open-forge.com
next prev parent reply other threads:[~2003-10-07 13:40 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-10-07 0:30 mirtchov
2003-10-07 0:33 ` boyd
2003-10-07 0:35 ` jmk
2003-10-07 2:28 ` Jim Choate
2003-10-07 2:27 ` boyd
2003-10-07 2:54 ` Jim Choate
2003-10-07 2:30 ` [9fans] A final question on regex Jim Choate
2003-10-07 3:08 ` [9fans] 'wall' messages Bruce Ellis
2003-10-07 3:11 ` boyd
2003-10-07 3:31 ` Jim Choate
2003-10-07 4:04 ` andrey mirtchovski
2003-10-07 4:17 ` Jim Choate
2003-10-07 4:23 ` [9fans] A fine point on 'lazy update' Jim Choate
2003-10-07 4:25 ` [9fans] 'wall' messages andrey mirtchovski
2003-10-07 13:56 ` Jim Choate
2003-10-07 14:09 ` mirtchov
2003-10-07 14:19 ` Dan Cross
2003-10-07 17:27 ` Ralph Corderoy
2003-10-07 9:50 ` Bruce Ellis
2003-10-07 10:41 ` Lucio De Re
2003-10-07 11:27 ` Bruce Ellis
2003-10-07 11:52 ` Lucio De Re
2003-10-07 12:10 ` boyd
2003-10-08 1:43 ` okamoto
2003-10-07 13:15 ` matt
2003-10-07 12:33 ` Lucio De Re
2003-10-07 14:09 ` Dan Cross
2003-10-07 13:40 ` Jim Choate [this message]
2003-10-08 8:39 ` Douglas A. Gwyn
2003-10-08 13:40 ` Jim Choate
2003-10-07 13:49 ` Jim Choate
2003-10-07 21:35 ` Bruce Ellis
2003-10-07 22:07 ` Joel Salomon
2003-10-08 5:34 ` Jim Choate
2003-10-08 5:48 ` Jim Choate
2003-10-08 14:21 ` rog
2003-10-08 18:14 ` David Presotto
2003-10-08 18:52 ` mirtchov
2003-10-09 15:07 ` rog
2003-10-09 15:10 ` David Presotto
2003-10-08 17:40 ` a
2003-10-07 22:38 ` boyd
2003-10-08 9:36 ` Ralph Corderoy
2003-10-08 13:57 ` Dan Cross
2003-10-07 23:19 ` a
2003-10-08 2:35 ` Jim Choate
2003-10-08 2:42 ` Bruce Ellis
2003-10-08 2:52 ` Jim Choate
2003-10-08 14:46 ` rt
2003-10-09 0:31 ` Geoff Collyer
2003-10-09 1:29 ` Bruce Ellis
2003-10-09 18:36 ` rog
2003-10-09 22:32 ` Geoff Collyer
2003-10-08 9:36 ` Ralph Corderoy
2003-10-08 13:38 ` Jim Choate
2003-10-08 17:02 ` a
2003-10-08 14:24 ` rt
2003-10-08 15:10 ` Jim Choate
2003-10-08 15:47 ` rt
2003-10-08 21:53 ` Charles Forsyth
2003-10-08 22:59 ` Jim Choate
2003-10-07 3:48 ` Dan Cross
2003-10-07 3:51 ` boyd
2003-10-07 4:09 ` Jim Choate
2003-10-07 4:15 ` boyd
2003-10-07 2:37 YAMANASHI Takeshi
2003-10-07 2:41 ` boyd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.LNX.4.33.0310070825330.3289-100000@einstein.ssz.com \
--to=ravage@einstein.ssz.com \
--cc=9fans@cse.psu.edu \
--cc=hangar18-general@open-forge.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).